Analyzing Structural Security Posture to Evaluate System Design Decisions

Samuel, Joe; Jaskolka, Jason; Yee, George

doi:10.1109/qrs54544.2021.00012

Cited by 4 publications

(1 citation statement)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…What remains to be seen is whether we can leverage similar graph-based approaches to help reduce the prevalence of implicit interactions in a system design, and whether we can approximate the results obtained from the formal C 2 KA specification of a system. Specifically, graph-based measures such as degree centrality used in [MAS + 20] and eigenvector centrality used in [SJY21a] may be also usable for locating areas of a design to modify to reduce the prevalence of implicit interactions, and measurements discussed in other works may relate to how the prevalence of implicit interactions changes from one system design to another. Showing such a relationship exists can help further solidify these as strong design-level measurements for less formal security analyses.…”

Section: Graph-based Methods In System Developmentmentioning

confidence: 99%

Principles and Properties for Reducing the Prevalence of Implicit Interactions in System Designs.

Newton¹

View full text Add to dashboard Cite

Early security considerations are essential to ensuring a system is adequately protected, but their ever-growing size and complexity often leaves full comprehension of a system's interconnections out of reach. This gives rise to implicit interactions. These unplanned or unforeseen communication sequences between components are security vulnerabilities that can be exploited to mount a cyberattack. Existing design-phase formal methods-based approaches exist to identify implicit interactions, but formal methods see limited adoption and the root cause of implicit interactions is not well understood.In this work, we extend the existing formal approach to suggest areas of a system to focus redesign efforts, while also providing alternative approaches that do not require formal expertise. These focus on graph-based measurements and providing a set of properties, quality attributes, and design principles with goals in line with the reduction of the prevalence of implicit interactions within a system design.I would like to thank my supervisor, Professor Jason Jaskolka, for his interest and guidance in this project. His support, encouragement, and ability to foster ideas and out-of-the-box thinking were all pivotal to the success of this work.I thank my colleagues for creating an inviting environment to share ideas, and for all their advice and constructive comments.Finally, I wish to thank my parents and my best friend for all their unconditional love and support over these past two years.

show abstract

Section: Graph-based Methods In System Developmentmentioning

confidence: 99%